Technique for ethernet access to packet-based services

ABSTRACT

An Ethernet Metropolitan Area Network ( 10 ) provides connectivity to one or more customer premises ( 16   1   , 16   2   , 16   3 ) to packet-bases services, such as ATM, Frame Relay, or IP while advantageously providing a mechanism for assuring security and regulation of customer traffic. Upon receipt of each customer-generated information frame ( 20 ), an ingress Multi-Service Platform (MSP) ( 12   2 ) “tags” the frame with a customer descriptor ( 22 ′) that specifically identifies the recipient customer. In practice, the MSP tags each frame by overwriting the Virtual Local Area Network (VLAN) identifier ( 22 ) with the routing descriptor. Using the customer descriptor in each frame, a recipient Provider Edge Router (PER) ( 18 ) or ATM switch can map the information as appropriate to direct the information to the specific customer. In addition, the customer descriptor (22′) may also include Quality of Service (QoS) allowing the recipient Provider Edge Router (PER) ( 18 ) or ATM switch to vary the QoS level accordingly.

TECHNICAL FIELD

[0001] This invention relates to a technique enabling access topacket-based services, such as IP, Frame Relay, and ATM, through anEthernet Protocol network.

BACKGROUND ART

[0002] Presently, communication service providers, such as AT&T, offerhigh-speed data communications service to customers through a variety ofaccess mechanisms. For example, a customer may gain network accessthrough a private line connection, i.e., a direct link to thecommunications service provider's network. Private line access providesa dedicated port not shared by anyone else with facility bandwidthavailable exclusively to the particular customer. Unfortunately, privateline access is expensive, and is practical only for customers that havevery high traffic capacity requirements.

[0003] As an alternative to private line access, communications serviceproviders such as AT&T also offer virtual circuit access allowingseveral customers to logically share a single circuit, thus reducingcosts. Such shared circuits, typically referred to as Permanent VirtualCircuits, allow communication service providers to guarantee customertraffic flows that are distinguishable from each, secure, and allowcustomers to enjoy different service features. An example of such atechnique for offering such shared service in a Multi-Protocol LabelSwitching Network is disclosed in U.S. Pat. No. 6,081,524, assigned toAT&T.

[0004] Presently, there is a trend towards using Ethernet networks inplace of Frame Relay and ATM networks especially for transportingtraffic among two or more premises belonging to the same customer.Ethernet-based Metropolitan Area Networks (MANs) currently exist in manyareas and offer significant cost advantages on a per port basis, ascompared to Frame Relay and ATM service. Transmission speeds as high as100, 1000 or even 10,000 MB/second are possible with such Ethernet MANs.Moreover, optical Ethernet MANs typically offer a rich set of features,flexible topology and simple-end-to end provisioning.

[0005] Present-day Ethernet-based MANs lack the ability to logicallyseparate traffic received from different customers, giving rise toissues of data security. Moreover, such present day Ethernet-based MANslack the ability to manage bandwidth among customers, thus preventingthe network from regulating customer traffic to assure equitable access.Thus, there is a need for a technique for routing data in an Ethernetprotocol network that overcomes the aforementioned disadvantages.

BRIEF SUMMARY OF THE INVENTION

[0006] Briefly, in accordance with a preferred embodiment, a method isprovided for routing data in an Ethernet protocol network having aplurality of platforms, each serving one or more customers. A firstplatform receives at least one frame from a sending site (e.g., a firstcustomer's premises) that is destined for a receiving site (e.g.,another premises belonging to the same or a different customer.) Afterreceiving the frame, the first platform overwrites a portion of theframe with a customer descriptor that specifically identifies thesending customer. In practice, the first platform will overwrite aVirtual Local Area Network (VLAN) field that is typically employed bythe sending customer for the purposes of routing data among variousVLANs at the sending premises premises. Rather than overwrite the VLANfield in the frame, the first platform could overwrite another field,such as the source address field, or could even employ a “shim” headercontaining the customer descriptor. All further use of the term customerdescriptor implies that any of the above or similar techniques could beused.

[0007] After overwriting the frame with the customer descriptor, thesending platform routes the frame onto the MAN network for routing amongthe other platforms, thereby sharing trunk bandwidth and otherresources, but logically distinct from other customer's traffic withdifferent customer descriptors. A destination address in the framedirects the frame to its corresponding receiving platform. Upon receiptof the frame, the receiving platform uses the customer descriptor tosegregate the frame for delivery to the proper destination, especiallyin the event where different customers served by the same platform useoverlapping addressing plans. Thus, the customer descriptor in eachframe advantageously enables the receiving platform to distinguishbetween different customers served by that platform.

[0008] For traffic with a destination beyond the MAN, this methodprovides a convenient and efficient way to map the customer-descriptorto similar identifiers in a Wide Area Network (WAN), such as a PermanentVirtual Circuit (PVC), a Virtual Private Network (VPN), or an MPLS LabelSwitched Circuit.

[0009] Overwriting each frame with the customer-descriptor thus affordsthe ability to logically segregate traffic on the Ethernet MAN toprovide Virtual Private Network (VPN) services of the type offered onlyon more expensive Frame Relay and ATM networks. Moreover, the customerdescriptor used to tag each frame can advantageously include Quality ofService (QoS) information, allowing the sender to specify different QoSlevels for different traffic types, based on the Service Level Agreement(SLA) between the customer and the communications service provider.

BRIEF DESCRIPTION OF THE DRAWING

[0010]FIG. 1 depicts an Ethernet Protocol Metropolitan Area Network(MAN) in which each information frame is tagged with a customerdescriptor in its VLAN field in accordance with the present principles;

[0011]FIG. 2 illustrates a sample information frame for transmissionover the network of FIG. 1;

[0012]FIG. 3 illustrates a portion of the MAN showing the various stagesin the tagging process;

[0013]FIG. 4 illustrates a portion of a MAN showing the use of thepriority bits within the VLAN field to establish different Quality ofService levels;

[0014]FIG. 5 illustrates a portion of a MAN showing the manner in whichinformation frames are mapped to different Permanent Virtual Circuits byan ATM switch;

[0015]FIG. 6 illustrates a portion of a MAN showing the manner in whichinformation frames are mapped into different Multi-Protocol LabelSwitching (MPLS) tunnels; and

[0016]FIG. 7 illustrates a portion of a MAN showing the manner in whichinformation frames are mapped into different service networks.

DETAILED DESCRIPTION

[0017]FIG. 1 depicts an Ethernet Protocol Metropolitan Area Network(MAN) 10 comprised of a plurality of Multi-Service Platforms (MSPs) 12₁-12 _(n), where n is an integer, each MSP taking the form of anEthernet switch or the like. In the illustrated embodiment n=4 althoughthe network 10 could include a smaller or larger number of MSPs. A fiberring or SONET ring infrastructure 14 connects the platforms 12 ₁-12 ₄ indaisy-chain fashion allowing each MSP to statistically multiplexinformation onto, and to statistically de-multiplexing information offthe ring infrastructure 14.

[0018] Each of MSPs 12 ₁-12 ₃ serves at least one, and in someinstances, a plurality of premises 16 belonging to one or morecustomers. In the illustrated embodiment of FIG. 1, the MSP 12 ₁ servesa single customer premises 16 ₁ belonging to customer 1 whereas, the MSP12 ₂ serves premises 16 ₂, and 16 ₃ belonging to customers 2 and 3,respectively. The MSP 12 ₃ serves a single premises 16 ₄ that belongs tocustomer 3. The MSPs 12 ₁-13 ₃ are linked to their correspondingpremises via 10, 100 or 1000 MB links 18. The MSP 12 ₄ bears the legend“CO MSP” because it serves as a central office to route traffic from theMAN 10 to a Provider Edge Router (PER) 18 for delivery to othernetworks, such as Frame Relay, ATM, MPLS networks or the Internet asdiscussed hereinafter. By the same token, the PER 18 can route trafficfrom such other networks onto the MAN 10 via the CO MSP 12 ₄.

[0019] The traffic routed onto and off of the MAN 10 by each MSP takesthe form of one or more information frames 20 depicted in FIG. 2.Heretofore, traffic routed onto the network 10 from a particularcustomer's premises was combined with other customer's traffic with nological separation, thus raising security concerns. Moreover, since allcustomers' traffic share the same bandwidth, difficulties existed inprior art Ethernet MANs in regulating the traffic from each customer'spremises, and in affording different customers different Quality ofService (QoS) level in accordance with individual Service LevelAgreements.

[0020] These difficulties are overcome in accordance with the presentprinciples by “tagging” each frame 20 routed onto the network 10 at aparticular MSP, say MSP 12 ₃, with a customer descriptor 22′ (best seenin FIG. 2) that identifies the customer sending that frame. As discussedin greater detail below, each MSP receiving a frame 20 on the fiber ringinfrastructure 14 uses the customer descriptor 22′ in that frame tomaintain distinct routing and addressing tables that are assigned toeach customer served by that MSP. This permits each customer to usetheir own addressing plan without fear of overlap with other customers,as they are all maintained as logically separate.

[0021]FIG. 2 depicts the structure of an exemplary Ethernet protocolframe 20 specified by Ethernet Standard 802.1Q. Among the blocks ofbytes within each frame 20 is a Virtual Local Area Network (VLAN)Identifier 22 comprised of sixteen bits. In practice, the VLANidentifier 22, in conjunction with a VLAN flag block 23 within theframe, facilitates routing of the frame within a customer's premises toa particular VLAN. However, the VLAN identifier 22 has no influence onrouting of the frame 20 after receipt at a MSP.

[0022] In accordance with the present principles, the priordisadvantages associated with conventional Ethernet networks, namely thelack of security and inability to regulate QoS levels, are overcome byoverwriting the VLAN identifier 22 in each frame 20 with the customerdescriptor maintained by the service provider. Overwriting the VLANidentifier 22 of FIG. 2 of each frame 20 with the customer descriptor22′ serves to “tag” that frame with identity of its sending customeridentity, thus affording each MSP in the network 10 the ability to routethose frames only among the premises belonging to that same sendingcustomer. Such tagging affords the operator of the network 10 theability to provide security in connection with frames transmitted acrossthe network, since frames with customer ID A would not be delivered toany premises of customer with ID B. As an example, two or more customersserved by a single MSP may use overlapping IP addressing schemes. In theabsence of any other identifier, the MSP receiving such frame lacks theability to assure accurate delivery.

[0023] In the illustrated embodiment depicted in FIG. 2, each MSP ofFIG. 1 tags the frame 20 by overwriting the VLAN identifier 22 with thecustomer descriptor 22′. However, tagging could occur in other ways,rather than overwriting the VLAN identifier 22. For example, the sourceaddress block 25 within the frame 20 could be overwritten with thecustomer descriptor 22′. Alternatively, the data field 25 could includea shim header comprising the customer descriptor 22′.

[0024] The tagging of each frame 20 with the customer descriptor 22′affords several distinct advantages in connection with routing of theframes through the MAN. First, as discussed above, the tagging affordseach recipient MSP the ability to distinguish traffic destined forcustomers with overlapping address schemes, and thus allows forsegregating traffic on the MAN. Further, tagging each frame 20 with thecustomer descriptor 22′ enables mapping of the frames from a MAN 100depicted in FIG. 3 to corresponding one of a plurality of customerVirtual Private Networks 26 ₁-26 ₃ within an MPLS network 28. As seen inFIG. 3, an MSP 120 ₂ within the MAN 100 receives traffic from premises160 ₁, 160 ₂, and 160 ₃ belonging to customer 1, customer 2 and customer3, respectively, which enjoy separate physical links to the MSP. Uponreceipt of each from a particular customer, the MSP 120 ₂ overwritesthat frame with the customer descriptor corresponding to the sendingcustomer.

[0025] After tagging each data frame, the MSP 120 ₂ statisticallymultiplexes the frames onto the fiber ring infrastructure 14 fortransmission to a CO MSP 120 ₄ for receipt at a destination PER 180 thatserves the MPLS network 28 within which are customer Virtual PrivateNetworks 26 ₁-26 ₃. Using the customer descriptor in each frame, the PER180 maps the frame to the corresponding VPN identifier associated with aparticular one of customer Virtual Private Networks 26 ₁-26 ₃ toproperly route each frame to its intended destination.

[0026] The tagging scheme of the present invention also affords theability to route information frames with different QoS levels within aMAN 1000 depicted in FIG. 4. As seen in FIG. 4, an MSP 1200 ₂ within theMAN 1000 receives traffic from premises 1600 ₂, and 1600 ₃ belonging tocustomer 2 and customer 3, respectively, which enjoy separate physicallinks to the MSP, allowing each to send information frames into the MAN.In the illustrated embodiment of FIG. 4, the frames originating from thepremise 1600 ₂ may contain either voice or data and have correspondingQoS level associated with each type of frame. Upon receiving suchframes, the MSP 1200 ₂ overwrites the frame with the customer descriptorcorresponding to the particular customer sending the frame. The customerdescriptor will not only contain the identity of the sending customer,but the corresponding QoS level associated with that frame.

[0027] After tagging each data frame, the MSP 1200 ₂ statisticallymultiplexes the frames onto the fiber ring infrastructure 14 fortransmission to a CO MSP 1200 ₄ for receipt at a destination PER 1800that serves an MPLS network 280 within which are customer VirtualPrivate Networks 260 ₂ and 260 ₃. Using the customer descriptor in eachframe, the PER 1800 of FIG. 4 maps the frame to the correspondingcustomer VPN to properly route each frame to its intended customerpremises. Further, the PER 1800 of FIG. 4 also maps the QoS levelspecified in the customer descriptor in the frame to assure that theappropriate quality of service level is applied to the particular frame.

[0028] In the above-described embodiments, the frames of customertraffic have been assumed to comprise IP packets that terminate on arouter (i.e., Provider Edge Routers 18, 180 and 1800) and that the VPNsemploy MPLS-BGP protocols. However, some customers may requiremulti-protocol support, or may otherwise require conventional PVCs sothat the traffic streams must be mapped into Frame Relay or ATM PVCs asdepicted in FIG. 5, which illustrates a portion of a MAN 10000 having aCO MSP12000 ₄ serving an ATM switch 30 that receives traffic from theMAN. As seen in FIG. 5, each of premises 16000 ₁, 16000 ₂ and 16000 ₃belonging to customer 1, customer 2 and customer 3, respectively 5 mayoriginate information frames for receipt at MSP 12000 ₂ in the MAN10000. The MSP 12000 ₂ tags each frame with the corresponding customerdescriptor prior to statistically multiplexing the data for transmissionon the fiber ring infrastructure 14 to the CO MSP 12000 ₄ for receipt atthe ATM switch 30. The ATM switch 30 then maps the frame to theappropriate PVC in accordance with the customer descriptor in the framein a manner similar to the mapping described with respect to FIG. 3.Thus, the ATM switch 30 could map the frame to one of Frame Relayrecipients' 32 ₁, 32 ₂, or 32 ₃, ATM recipients 32 ₄ or 32 ₅ or IMA(Inverse Multiplexing over ATM) recipient 32 ₆.

[0029]FIG. 6 depicts a portion of a MAN network 100000 that routesframes onto separate MPLS tunnels 40 ₁-40 ₃ (each emulating a privateline 32 in an MPLS network 2800) in accordance with the customerdescriptor written into each frame by a MSP 120000 ₂ in the MAN. Each ofcustomer premises 160000 ₁, 160000 ₂ and 160000 ₃ depicted in FIG. 6originate information frames for receipt at MSP 120000 ₂. The MSP 120000₂ tags each frame with the customer descriptor prior to statisticallymultiplexing the data for transmission on the fiber ring infrastructure14 for delivery to a CO MSP 120000 ₄ that serves a PER 18000. The PER18000 translates the customer descriptors written onto the frames by theMSP 120000 ₂ into the MPLS tunnels 40 ₁-40 ₃ to enable the PER to routethe traffic to the intended customer.

[0030]FIG. 7 depicts a portion of a MAN network 1000000 for routingtraffic (i.e., information frames) onto separate networks in accordancewith the customer descriptor written into each the frame by a MSP 120000₂ in the MAN. Each of customer premises 1600000 ₂ and 16000003 depictedin FIG. 7 originates information frames for receipt by the MSP 1200000₂. The MSP 1200000 ₂ tags each frame with the customer descriptor priorto statistically multiplexing the data for transmission on the fiberring infrastructure 14 for delivery to a CO MSP 1200000 ₄ that serves aPER 180000. In accordance with the customer descriptor, the PER 1800000of FIG. 7 routes traffic to a particular one of several differentnetworks, e.g., an Intranet VPN 42 ₁, a voice network 42 ₂ and theInternet 42 ₃, in accordance with the customer descriptor written ontothe frame by the MSP 12 ₂.

[0031] The above-described embodiments merely illustrate the principlesof the invention. Those skilled in the art may make variousmodifications and changes that will embody the principles of theinvention and fall within the spirit and scope thereof.

What is claimed is:
 1. In an Ethernet protocol network having aplurality of platforms, each serving a plurality of customers, a methodof routing at least one information frame from at least one sendingcustomer site served by a first platform to at least one receivingcustomer site served by a second platform, comprising the steps of: (a)receiving at said first platform said one frame from said one sendingcustomer; (b) overwriting said one frame with a customer descriptor thatidentifies said sending customer; (c) routing the frame on the networkto said second platform; and (d) delivering the frame to the receivingcustomer site by mapping the customer descriptor to the receivingcustomer.
 2. The method according to claim 1 wherein the mapping stepincludes the step of mapping the customer descriptor to a customerVirtual Private Networks (VPN) associated with the receiving customer.3. The method according to claim 1 further including the steps of:providing the customer descriptor with a quality of service indicatorthat specifies the quality of service level afforded to the acceptedframe; and transmitting the frame to the receiving customer with thequality of service level specified by the quality of service indicatorprovided within the customer descriptor.
 4. The method according toclaim 1 wherein the mapping step includes the step of mapping thecustomer descriptor to a corresponding one of a plurality of Frame Relayand ATM Permanent Virtual Circuits associated with the receivingcustomer.
 5. The method according to claim 1 wherein the mapping stepincludes the step of mapping the customer descriptor to one a pluralityof Multi-Protocol Label Switching tunnels associated with the receivingcustomer.
 6. The method according to claim 1 wherein the mapping stepincludes the step of mapping the customer descriptor to one of aplurality of different service networks associated with the receivingcustomer.
 7. The method according to claim 1 wherein the step ofoverwriting the frame includes the step of overwriting a Virtual LANIdentifier (VLAN) field within the frame.
 8. The method according toclaim 1 wherein the step overwriting the frame includes the step ofoverwriting a source address field within the information frame.
 9. Themethod according to claim 1 wherein the step overwriting the frameincludes the step inserting a shim header containing the customerdescriptor.
 10. In an Ethernet protocol network having a plurality ofplatforms, each serving a plurality of customers, a method of routing atleast one information frame from at least one sending customer served bya first platform to at least one receiving customer served by a secondplatform, comprising the steps of: (a) receiving at said first platformsaid one frame from said one sending customer, said one frame containinga Virtual LAN identifier (VLAN) field; (b) overwriting VLAN field insaid one frame with a customer descriptor that identifies said sendingcustomer (c) routing the frame on the network to said second platform;and (d) delivering the frame to the receiving customer by mapping thecustomer descriptor to the receiving customer.
 11. The method accordingto claim 10 wherein the mapping step includes the step of mapping thecustomer descriptor to a customer Virtual Private Networks (VPN)associated with the receiving customer.
 12. The method according toclaim 10 further including the steps of: providing the customerdescriptor with a quality of service indicator that specifies thequality of service level afforded to the accepted frame; andtransmitting the frame to the receiving customer with the quality ofservice level specified by the quality of service indicator providedwithin the customer descriptor.
 13. The method according to claim 10wherein the mapping step includes the step of mapping the customerdescriptor to a corresponding one of a plurality of Frame Relay and ATMPermanent Virtual Circuits associated with the receiving customer. 14.The method according to claim 10 wherein the mapping step includes thestep of mapping the customer descriptor to one of a plurality ofMulti-Protocol Label Switching tunnels associated with the receivingcustomer.
 15. The method according to claim 10 wherein the mapping stepincludes the step of mapping the customer descriptor to one of aplurality of different service networks in associated with the receivingcustomer.
 16. An Ethernet protocol network comprising: a fiber ringinfrastructure; and a plurality of platforms coupled to the fiber ringinfrastructure, each platform serving at least one customer forstatistically multiplexing information frames onto the fiber ringinfrastructure from said one customer and for statisticallyde-multiplexing information frames off the fiber ring infrastructure tothe one customer wherein each platform sending a frame overwrites saidframe with a customer descriptor that identifies the sending customer;and routes the frame on the network to a receiving site; and whereineach platform delivering a frame to the receiving customer does so bymapping the customer descriptor to the receiving customer.
 17. Theapparatus according to claim 16 wherein the receiving platform maps thecustomer descriptor through a provider edge router to a customer VirtualPrivate Networks (VPN) associated with the receiving customer.
 18. Theapparatus according to claim 16 wherein the customer descriptor includesquality of service level information.
 19. The apparatus according toclaim 16 wherein the receiving platform maps the customer descriptorthrough an ATM switch router to a corresponding one of a plurality ofFrame Relay and ATM Permanent Virtual Circuits associated with thereceiving customer.
 20. The apparatus according to claim 16 wherein thereceiving platform maps the customer descriptor through a provider edgerouter to one a plurality of Multi-Protocol Label Switching tunnelsassociated with the receiving customer.
 21. The apparatus according toclaim 16 wherein the receiving platform maps the customer descriptorthrough a provider edge router to one of a plurality of differentservice networks in associated with the receiving customer.
 22. Theapparatus according to claim 16 wherein the sending platform overwritesa Virtual LAN Identifier (VLAN) field within the frame with the customerdescriptor.
 23. The apparatus according to claim 16 wherein the sendingplatform overwrites a source address field within the information framewith the customer descriptor.
 24. The method according to claim 16wherein the sending platform inserts into the frame a shim headercontaining the customer descriptor.